Re: [PATCH v3 2/3] KEYS: trusted: Introduce support for NXP DCP-based trusted keys

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jarkko,

> On 25.09.2023, at 17:34, Jarkko Sakkinen <jarkko@xxxxxxxxxx> wrote:
> 
> On Mon Sep 18, 2023 at 5:18 PM EEST, David Gstir wrote:
>> DCP (Data Co-Processor) is the little brother of NXP's CAAM IP.
>> 
>> Beside of accelerated crypto operations, it also offers support for
>> hardware-bound keys. Using this feature it is possible to implement a blob
>> mechanism just like CAAM offers. Unlike on CAAM, constructing and
>> parsing the blob has to happen in software.
>> 
>> We chose the following format for the blob:
> 
> Who is we?

The authors of this patch. But I’ll rephrase that to get rid
of the academic paper style.

> And there is no choosing anything if the below structure if hardware
> defined (not software defined):

The below structure is actually software-defined by this patch.
Contrary to CAAM, DCP does not have a key blob feature.
DCP’s hardware-bound UNIQUE or OTP key is used to bind
these key blobs to a specific DCP chip.


> 
>> /*
>> * struct dcp_blob_fmt - DCP BLOB format.
>> *
>> * @fmt_version: Format version, currently being %1
>> * @blob_key: Random AES 128 key which is used to encrypt @payload,
>> *            @blob_key itself is encrypted with OTP or UNIQUE device key in
>> *            AES-128-ECB mode by DCP.
>> * @nonce: Random nonce used for @payload encryption.
>> * @payload_len: Length of the plain text @payload.
>> * @payload: The payload itself, encrypted using AES-128-GCM and @blob_key,
>> *           GCM auth tag of size AES_BLOCK_SIZE is attached at the end of it.
>> *
>> * The total size of a DCP BLOB is sizeof(struct dcp_blob_fmt) + @payload_len +
>> * AES_BLOCK_SIZE.
>> */
>> struct dcp_blob_fmt {
>> __u8 fmt_version;
>> __u8 blob_key[AES_KEYSIZE_128];
>> __u8 nonce[AES_KEYSIZE_128];
>> __le32 payload_len;
>> __u8 payload[];
>> } __packed;
>> 
>> @payload is the key provided by trusted_key_ops->seal().
>> 
>> By default the UNIQUE device key is used, it is also possible to use
>> the OTP key. While the UNIQUE device key should be unique it is not
>> entirely clear whether this is the case due to unclear documentation.
>> If someone wants to be sure they can burn their own unique key
>> into the OTP fuse and set the use_otp_key module parameter.
>> 
>> Co-developed-by: Richard Weinberger <richard@xxxxxx>
>> Signed-off-by: Richard Weinberger <richard@xxxxxx>
>> Co-developed-by: David Oberhollenzer <david.oberhollenzer@xxxxxxxxxxxxx>
>> Signed-off-by: David Oberhollenzer <david.oberhollenzer@xxxxxxxxxxxxx>
>> Signed-off-by: David Gstir <david@xxxxxxxxxxxxx>
>> ---
>> .../admin-guide/kernel-parameters.txt         |  13 +
> 
> Separate commit for this.
> 
>> MAINTAINERS                                   |   9 +
> 
> Ditto (i.e. total two additional patches).

Will do for v4! 

Thanks,
- David



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux